これはサイト側の問題ではなく、ブラウザが「このサイトは必ずhttpsでアクセスする」という情報(HSTS)をキャッシュしている事に因るもの。HSTSが有効だと「(危険を承知で)例外として承認」もできなくなる。
通常はブラウザのキャッシュを消去する事で問題が解決する。
それで上手く行かないときはブラウザのセキュリティ設定をいじることで直る。
If the above steps do not work, you can try the following method. Start by locating your Firefox profile folder through your operating system’s file explorer.
You can find this folder through Firefox by navigating to about:support Halfway down the page, in the Application Basics section, you will see Profile Folder. Click Open Folder. Now close Firefox so that the browser does not overwrite any settings we are about to change.
In your Profile folder find and open the file SiteSecurityServiceState.txt. This file contains cached HSTS and HPKP (Key Pinning, a separate HTTPS mechanism) settings for domains you have visited.
It may be very disorganized. Search for the domain you want to clear the HSTS settings for and delete it from the file. Each entry beings with the domain name. Delete the entirety of the entry from the beginning of the desired domain name to the next listed domain. As an alternative, you can rename the existing file from a .txt to a .bak (in order to save the existing file, just in case) and allow Firefox to create an entirely new file on next start up.
Here is an example of a simple HSTS listing:
www.thesslstore.com:HSTS 0 17312 1527362896190,1,0
As mentioned, the formatting for this file can be messy. Below is a sample from my profile. Each domain’s settings are shown in a unique color to make separation clear. In this case, part of the settings for the previous domain appear the beginning in red:
1527363079029,1,0www.thesslstore.com:HSTS 0 17312 1527362896190,1,0
scotthelme.co.uk:HPKP 0 17312 1498419087277,1,1,9dNiZZueNZmyaf3pTkXxDgOzLkjKvI+Nza0ACF5IDwg=X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg=V+J+7lHvE6X0pqGKVqLtxuvk+0f+xowyr3obtq8tbSw=9lBW+k9EF6yyG9413/fPiHhQy5Ok4UI5sBpBTuOaa/U=ipMu2Xu72A086/35thucbjLfrPaSjuw4HIjSWsxqkb8=+5JdLySIa9rS6xJM+2KHN9CatGKln78GjnDpf4WmI3g=MWfCxyqG2b5RBmYFQuLllhQvYZ3mjZghXTRn9BL9q10= api.github.com:HSTS 0 17312 1527362865303,1,1
Note: Re-Hashed is a regular weekend feature at Hashed Out where we select an older post to revisit. This week we take a look at the answer to one of the questions we get asked the most: How to fix SSL connection errors on Android phones. #HSTS #web browsers
Read more at: https://www.thesslstore.com/blog/clear-hsts-settings-chrome-firefox/